APT41, also known as Axiom, Blackfly, Brass Typhoon (formerly Barium), Bronze Atlas, HOODOO, Wicked Panda, and Winnti, is known to have been operational since at least 2007, targeting a wide range of industries to conduct intellectual property theft.
To defend against RaaS groups, organizations need a holistic, defense-in-depth approach that includes measures like multi-factor authentication, email security, patch management, and comprehensive asset management.
Discovered yesterday by MalwareHunterTeam, the ransomware was initially thought to be part of a red team exercise by Sophos. However, the Sophos X-Ops team tweeted that they did not create the encryptor and that they are investigating its launch.
Ukraine’s Cyber Police shut down yet another bot farm that was reportedly spreading disinformation about the war in Ukraine on social media, just one month after a similar illicit operation was raided in west-central Ukraine.
On June 16th, Cybernews researchers came across two misconfigured (publicly exposed) Google Cloud Storage buckets. Combined, they contained over 1.1 million files.
Once again, the Gamaredon APT is carrying out a new wave of phishing attacks targeting Ukrainian government agencies, stealing data within an hour of the attack. The campaign is aimed at entities in Ukraine, including security services, military, and government organizations. Organizations are advised to adopt real-time threat alerting and threat insight-sharing solutions to […]
To deceive the company, he impersonated the ransomware gang extorting them. He tried to redirect the ransomware payments by switching the cybercriminals’ cryptocurrency wallet to one under his control.
The ransomware attack, which impacted multiple UKG customers such as Tesla, PepsiCo, Whole Foods, and New York City’s Metropolitan Transportation Authority, hindered some customers’ ability to process payroll.
Using the online moniker ‘La_Citrix’, the threat actor has been active on Russian-speaking cybercrime forums since 2020, offering access to hacked companies and info-stealer logs from active infections.
The Biden administration has considered an Energy Star type of consumer labeling program a key part of an effort to strengthen the nation’s cyber infrastructure following the SolarWinds and Colonial Pipeline attacks.